It appears that the PHP directive, 'register_globals' is enabled. This is bad. You need to disable it before continuing.